Enabling an external JACC provider

Use this topic to enable an external JACC provider using the administrative console.

Before you begin

The Java Authorization Contract for Containers (JACC) defines a contract between Java 2 Platform, Enterprise Edition (J2EE) containers and authorization providers. This contract enables any third-party authorization providers to plug into a J2EE 1.4 application server, such as WebSphere Application Server to make the authorization decisions when a J2EE resource is accessed.

Procedure

  1. From the WebSphere Application Server administrative console, click Security > Global security.
  2. Under Authorization, click Authorization providers.
  3. Under Related items, click External JACC provider.
  4. The fields are set for Tivoli Access Manager by default. If you do not plan to use Tivoli Access Manager as the JACC provider, replace these fields with the details for your own external JACC provider.
  5. If any custom properties are required by the JACC provider, click Custom properties under Additional properties and enter the properties. When using the Tivoli Access Manager, use the Tivoli Access Manager properties link instead of the Custom properties link. For more information, see Configuring the JACC provider for Tivoli Access Manager using the administrative console.
  6. On the External authorization providers panel, select the External authorization using a JACC provider option and click OK.
  7. Complete the remaining steps to enable global security. If you are using Tivoli Access Manager, you must select LDAP as the user registry and use the same LDAP server. For more information on configuring LDAP registries, see Configuring Lightweight Directory Access Protocol user registries.
  8. Verify that all of the changes are synchronized across all nodes. For more information, see Synchronizing nodes with the wsadmin tool
  9. In a multinode environment, stop and start the deployment manager configuration.
    [AIX HP-UX Linux Solaris Windows] [z/OS] Issue the following commands:
    profile_root/bin/stopManager.bat 
     -username user_name 
     -password password
    
    profile_root/bin/startManager.bat
    
  10. Restart all servers to make these changes effective.



In this information ...


IBM Redbooks, demos, education, and more

(Index)

Use IBM Suggests to retrieve related content from ibm.com and beyond, identified for your convenience.

This feature requires Internet access.

Task topic    

Terms of Use | Feedback

Last updated: Sep 20, 2010 11:08:29 PM CDT
http://www14.software.ibm.com/webapp/wsbroker/redirect?version=vela&product=was-nd-mp&topic=tsec_jaccenable
File name: tsec_jaccenable.html